---
- name: allow Apache to remotely connect to mysql
  seboolean: name=httpd_can_network_connect_db state=yes persistent=yes
  tags:
  - mediawiki

- name: allow Apache to remotely connect to wiki
  seboolean: name=httpd_can_network_connect state=yes persistent=yes
  tags:
  - mediawiki

- name: allow Apache to remotely connect to Memcached
  seboolean: name=httpd_can_network_memcache state=yes persistent=yes
  tags:
  - mediawiki

- name: allow Apache to talk to the wiki uploads dir over nfs
  seboolean: name=httpd_use_nfs state=yes persistent=yes
  tags:
  - mediawiki

- name: set sebooleans so apache can send emails
  seboolean: name=httpd_can_sendmail state=yes persistent=yes
  tags:
  - mediawiki

- name: set sebooleans so apache can build svgs
  seboolean: name=httpd_setrlimit state=yes persistent=yes
  tags:
  - mediawiki

- name: set sebooleans so apache can map files
  seboolean: name=domain_can_mmap_files state=yes persistent=yes
  tags:
  - mediawiki

- name: install needed packages
  package:
    state: present
    name:
    - "{{ wikiver }}"
    - "{{ wikiver }}-Lockdown"
    - "{{ wikiver }}-SpecialInterwiki"
    - "{{ wikiver }}-RSS"
    - mediawiki-FedoraBadges
    - php-zmq
    - php-pecl-uuid
    - librsvg2-tools
    - php-pgsql # For badges db access
  tags:
  - packages
  - mediawiki

- name: install needed packages (fedora only)
  package: name={{ item }} state=present
  with_items:
  - "{{ wikiver }}-skin-fedora"
  - php-mysqlnd
  - mediawiki-OpenIDConnect
  - mediawiki-OpenIDConnectAPI
  - php-rmccue-requests
  - mediawiki-fedoradocsredirect
  - mediawiki-backtick-code
  tags:
  - packages
  - mediawiki

- name: adding fedmsg emit
  copy: src=fedmsg-emit.php dest=/usr/share/{{ wikiver }}/extensions/fedmsg-emit.php owner=root group=root mode=775
  tags:
  - config
  - mediawiki

#- name: adding fedora-messaging emit
#  copy: src=fedora-message-emit.php dest=/usr/share/{{ wikiver }}/extensions/fedora-messaging-emit.php owner=root group=root mode=775
#  tags:
#  - config
#  - mediawiki

- name: Create /etc/pki/fedora-messaging
  file:
    dest: /etc/pki/fedora-messaging
    mode: 0775
    owner: root
    group: root
    state: directory
  when: "deployment_type is defined"
  tags:
  - config

# FIXME: We currently don't seem to have a wiki cert, need to create one
- name: Deploy the Fedora wiki fedora-messaging cert
  copy:
    src: "{{ private }}/files/rabbitmq/{{env}}/pki/issued/mediawiki{{env_suffix}}.crt"
    dest: /etc/pki/fedora-messaging/mediawiki{{env_suffix}}-cert.pem
    mode: 0644
    owner: root
    group: root
  when: "deployment_type is defined"
  tags:
  - config

# FIXME: We currently don't seem to have a wiki key, need to create one
- name: Deploy the Fedora wiki fedora-messaging key
  copy:
    src: "{{ private }}/files/rabbitmq/{{env}}/pki/private/mediawiki{{env_suffix}}.key"
    dest: /etc/pki/fedora-messaging/mediawiki{{env_suffix}}-key.pem
    mode: 0640
    owner: root
    group: root
  when: "deployment_type is defined"
  tags:
  - config

- name: startup apache
  service: name=httpd enabled=yes state=started
  tags:
  - mediawiki

- name: Fedora branding
  copy: src=skins/ dest=/usr/share/{{ wikiver }}/skins owner=root group=root mode=775
  tags:
  - config
  - mediawiki

- name: creating wiki dir
  file: path=/srv/web/{{wikiname}}-wiki owner=root group=root mode=755 state=directory
  tags:
  - mediawiki

#- name: creating config dir
#  file: src=/usr/share/{{ wikiver }}/config dest=/srv/web/{{wikiname}}/config owner=apache group=apache mode=755 state=directory
#  tags:
#  - mediawiki

# This doesn't seem to exist anymore in upstream....
#- name: install utils
#  file: src=/usr/share/{{ wikiver }}/install-utils.inc dest=/srv/web/{{wikiname}}-wiki/install-utils.inc state=link
#  tags:
#  - mediawiki

- name: install localsettings
  template: src=LocalSettings.php.{{wikiname}}.j2 dest=/srv/web/{{wikiname}}-wiki/LocalSettings.php owner=apache group=apache mode=600 setype=httpd_sys_content_t
  notify: reload httpd
  tags:
  - mediawiki
  - localsettings

- name: httpd conf
  template: src=mediawiki-app.conf.j2 dest=/etc/httpd/conf.d/{{wikiname}}.conf
  notify: reload httpd
  tags:
  - mediawiki

- name: linking index.php
  file: dest=/srv/web/{{wikiname}}-wiki/index.php src=/usr/share/{{ wikiver }}/index.php state=link
  tags:
  - mediawiki

- name: linkng api.php
  file: dest=/srv/web/{{wikiname}}-wiki/api.php src=/usr/share/{{ wikiver }}/api.php state=link
  tags:
  - mediawiki

- name: linking opensearch
  file: dest=/srv/web/{{wikiname}}-wiki/opensearch_desc.php src=/usr/share/{{ wikiver }}/opensearch_desc.php state=link
  tags:
  - mediawiki

- name: linking extensions
  file: dest=/srv/web/{{wikiname}}-wiki/extensions src=/usr/share/{{ wikiver }}/extensions state=link
  tags:
  - mediawiki

- name: linking includes
  file: dest=/srv/web/{{wikiname}}-wiki/includes src=/usr/share/{{ wikiver }}/includes state=link
  tags:
  - mediawiki

- name: linking languages
  file: dest=/srv/web/{{wikiname}}-wiki/languages src=/usr/share/{{ wikiver }}/languages state=link
  tags:
  - mediawiki

- name: linking maintenance
  file: dest=/srv/web/{{wikiname}}-wiki/maintenance src=/usr/share/{{ wikiver }}/maintenance state=link
  tags:
  - mediawiki

#- name: linking serialized
#  file: dest=/srv/web/{{wikiname}}-wiki/serialized src=/usr/share/{{ wikiver }}/serialized state=link
#  tags:
#  - mediawiki

- name: linking skins
  file: dest=/srv/web/{{wikiname}}-wiki/skins src=/usr/share/{{ wikiver }}/skins state=link
  tags:
  - mediawiki

- name: linking load
  file: dest=/srv/web/{{wikiname}}-wiki/load.php src=/usr/share/{{ wikiver }}/load.php state=link
  tags:
  - mediawiki

- name: linking resources
  file: dest=/srv/web/{{wikiname}}-wiki/resources src=/usr/share/{{ wikiver }}/resources state=link
  tags:
  - mediawiki

- name: linking vendor
  file: dest=/srv/web/{{wikiname}}-wiki/vendor src=/usr/share/{{ wikiver }}/vendor state=link
  tags:
  - mediawiki

- name: ensure a directory exists for our SELinux policy
  file: dest=/usr/local/share/selinux/ state=directory
  tags: selinux

- name: copy over our custom selinux policy
  copy: src=selinux/mediawiki.pp dest=/usr/local/share/selinux/mediawiki.pp
  register: selinux_module
  tags: selinux

- name: install our custom selinux policy
  command: semodule -i /usr/local/share/selinux/mediawiki.pp
  when: selinux_module is changed
  tags: selinux
